author | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-08 06:47:52 -0800 |
---|---|---|
committer | Andrew Arnott <andrewarnott@gmail.com> | 2012-02-08 17:29:38 -0800 |
commit | bef6c27a1b50519f23a5308547d65b55c8e98868 (patch) | |
tree | 60aa3a0c5d3e4e97d6f89df4a90f478c42fb1a12 | |
parent | e40337bd6706ffdfd31a43124b0fd1e095ba7844 (diff) | |
Removed OAuth1's dependency on OpenID assemblies.
Related to #71
24 files changed, 444 insertions, 170 deletions
diff --git a/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec b/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec
new file mode 100644
index 0000000..2d3f978
--- /dev/null
+++ b/nuget/DotNetOpenAuth.OpenIdOAuth.nuspec
@@ -0,0 +1,32 @@
+<?xml version="1.0"?>
+<package xmlns="http://schemas.microsoft.com/packaging/2010/07/nuspec.xsd">
+ <metadata>
+ <id>DotNetOpenAuth.OpenIdOAuth</id>
+ <version>$version$</version>
+ <title>DotNetOpenAuth OpenID OAuth hybrid</title>
+ <authors>Andrew Arnott</authors>
+ <owners>Outercurve Foundation</owners>
+ <projectUrl>http://www.dotnetopenauth.net/</projectUrl>
+ <iconUrl>https://github.com/AArnott/dotnetopenid/raw/v3.4/doc/logo/dnoa-logo_32x32.png</iconUrl>
+ <licenseUrl>http://www.opensource.org/licenses/ms-pl.html</licenseUrl>
+ <requireLicenseAcceptance>false</requireLicenseAcceptance>
+ <description>Contains assemblies that are required to implement OpenID+OAuth extension support.</description>
+ <dependencies>
+ <dependency id="DotNetOpenAuth.OAuth.Consumer" version="[$version$]" />
+ <dependency id="DotNetOpenAuth.OAuth.ServiceProvider" version="[$version$]" />
+ <dependency id="DotNetOpenAuth.OpenId" version="[$version$]" />
+ </dependencies>
+ </metadata>
+ <files>
+ <file src="$OutputPath35$signed\DotNetOpenAuth.OpenIdOAuth.dll" target="lib\net35-full\" />
+ <file src="$OutputPath40$signed\DotNetOpenAuth.OpenIdOAuth.dll" target="lib\net40-full\" />
+
+ <file src="$OutputPath35$DotNetOpenAuth.OpenIdOAuth.pdb" target="lib\net35-full\" />
+ <file src="$OutputPath40$DotNetOpenAuth.OpenIdOAuth.pdb" target="lib\net40-full\" />
+
+ <file src="$OutputPath35$DotNetOpenAuth.OpenIdOAuth.xml" target="lib\net35-full\" />
+ <file src="$OutputPath40$DotNetOpenAuth.OpenIdOAuth.xml" target="lib\net40-full\" />
+
+ <file src="..\src\DotNetOpenAuth.OpenIdOAuth\**\*.cs" target="src" />
+ </files>
+</package>
\ No newline at end of file
diff --git a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
index aac67d4..43b4a00 100644
--- a/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
+++ b/samples/DotNetOpenAuth.ApplicationBlock/DotNetOpenAuth.ApplicationBlock.csproj
@@ -158,6 +158,10 @@
 <Project>{F458AB60-BA1C-43D9-8CEF-EC01B50BE87B}</Project>
 <Name>DotNetOpenAuth.OpenId.RelyingParty</Name>
 </ProjectReference>
+ <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj">
+ <Project>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</Project>
+ <Name>DotNetOpenAuth.OpenIdOAuth</Name>
+ </ProjectReference>
 <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj">
 <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
 <Name>DotNetOpenAuth.OpenId</Name>
diff --git a/samples/OAuthClient/OAuthClient.csproj b/samples/OAuthClient/OAuthClient.csproj
index 1690126..2de5915 100644
--- a/samples/OAuthClient/OAuthClient.csproj
+++ b/samples/OAuthClient/OAuthClient.csproj
@@ -193,6 +193,10 @@
 <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project>
 <Name>DotNetOpenAuth.OAuth</Name>
 </ProjectReference>
+ <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj">
+ <Project>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</Project>
+ <Name>DotNetOpenAuth.OpenIdOAuth</Name>
+ </ProjectReference>
 <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj">
 <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
 <Name>DotNetOpenAuth.OpenId</Name>
diff --git a/samples/OAuthConsumer/OAuthConsumer.csproj b/samples/OAuthConsumer/OAuthConsumer.csproj
index 0d65bec..3847043 100644
--- a/samples/OAuthConsumer/OAuthConsumer.csproj
+++ b/samples/OAuthConsumer/OAuthConsumer.csproj
@@ -173,6 +173,10 @@ <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project> <Name>DotNetOpenAuth.OAuth</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj"> + <Project>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</Project> + <Name>DotNetOpenAuth.OpenIdOAuth</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> diff --git a/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs index 9d9f6af..8e64bfb 100644 --- a/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs +++ b/samples/OpenIdProviderWebForms/Code/OAuthHybrid.cs @@ -18,7 +18,7 @@ namespace OpenIdProviderWebForms.Code { /// Initializes static members of the <see cref="OAuthHybrid"/> class. /// </summary> static OAuthHybrid() { - ServiceProvider = new ServiceProvider(GetServiceDescription(), TokenManager); + ServiceProvider = new ServiceProviderOpenIdProvider(GetServiceDescription(), TokenManager); } internal static IServiceProviderTokenManager TokenManager { @@ -35,7 +35,7 @@ namespace OpenIdProviderWebForms.Code { } } - internal static ServiceProvider ServiceProvider { get; private set; } + internal static ServiceProviderOpenIdProvider ServiceProvider { get; private set; } internal static ServiceProviderDescription GetServiceDescription() { return new ServiceProviderDescription { diff --git a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj index f1da9b6..439d5fd 100644 --- a/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj +++ b/samples/OpenIdProviderWebForms/OpenIdProviderWebForms.csproj 
@@ -208,6 +208,10 @@ <Project>{75E13AAE-7D51-4421-ABFD-3F3DC91F576E}</Project> <Name>DotNetOpenAuth.OpenId.UI</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj"> + <Project>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</Project> + <Name>DotNetOpenAuth.OpenIdOAuth</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> diff --git a/samples/OpenIdRelyingPartyWebForms/Global.asax.cs b/samples/OpenIdRelyingPartyWebForms/Global.asax.cs index 6583289..6283987 100644 --- a/samples/OpenIdRelyingPartyWebForms/Global.asax.cs +++ b/samples/OpenIdRelyingPartyWebForms/Global.asax.cs @@ -14,11 +14,11 @@ internal static StringBuilder LogMessages = new StringBuilder(); - internal static WebConsumer GoogleWebConsumer { + internal static WebConsumerOpenIdRelyingParty GoogleWebConsumer { get { - var googleWebConsumer = (WebConsumer)HttpContext.Current.Application["GoogleWebConsumer"]; + var googleWebConsumer = (WebConsumerOpenIdRelyingParty)HttpContext.Current.Application["GoogleWebConsumer"]; if (googleWebConsumer == null) { - googleWebConsumer = new WebConsumer(GoogleConsumer.ServiceDescription, GoogleTokenManager); + googleWebConsumer = new WebConsumerOpenIdRelyingParty(GoogleConsumer.ServiceDescription, GoogleTokenManager); HttpContext.Current.Application["GoogleWebConsumer"] = googleWebConsumer; } diff --git a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj index 9e82b2e..01b4b09 100644 --- a/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj +++ b/samples/OpenIdRelyingPartyWebForms/OpenIdRelyingPartyWebForms.csproj 
@@ -248,6 +248,10 @@ <Project>{75E13AAE-7D51-4421-ABFD-3F3DC91F576E}</Project> <Name>DotNetOpenAuth.OpenId.UI</Name> </ProjectReference> + <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj"> + <Project>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</Project> + <Name>DotNetOpenAuth.OpenIdOAuth</Name> + </ProjectReference> <ProjectReference Include="..\..\src\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> <Name>DotNetOpenAuth.OpenId</Name> diff --git a/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs index c7d3168..75a9616 100644 --- a/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs +++ b/samples/OpenIdRelyingPartyWebForms/loginPlusOAuthSampleOP.aspx.cs @@ -27,7 +27,7 @@ TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, }; - WebConsumer consumer = new WebConsumer(serviceDescription, Global.OwnSampleOPHybridTokenManager); + var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager); consumer.AttachAuthorizationRequest(e.Request, "http://tempuri.org/IDataApi/GetName"); } @@ -38,7 +38,7 @@ AccessTokenEndpoint = new MessageReceivingEndpoint(new Uri(e.Response.Provider.Uri, "/access_token.ashx"), HttpDeliveryMethods.AuthorizationHeaderRequest | HttpDeliveryMethods.PostRequest), TamperProtectionElements = new ITamperProtectionChannelBindingElement[] { new HmacSha1SigningBindingElement() }, }; - WebConsumer consumer = new WebConsumer(serviceDescription, Global.OwnSampleOPHybridTokenManager); + var consumer = new WebConsumerOpenIdRelyingParty(serviceDescription, Global.OwnSampleOPHybridTokenManager); AuthorizedTokenResponse accessToken = consumer.ProcessUserAuthorization(e.Response); if (accessToken != null) { 
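Review bot: In the second hunk of `loginPlusOAuthSampleOP.aspx.cs` the `AccessTokenEndpoint` is built from `e.Response.Provider.Uri`, so the signed token-exchange request issued by `consumer.ProcessUserAuthorization(e.Response)` goes to whichever host the OpenID response names, and nothing visible here checks that this host is the provider the consumer key in `Global.OwnSampleOPHybridTokenManager` was issued by. Since the consumer line is being rewritten anyway, a comment above the new `var consumer = new WebConsumerOpenIdRelyingParty(...)` would keep readers from copying the pattern into a real site, for example `// Sample only: the endpoint is derived from the responding OP; production code should pin it to the provider that issued the consumer key.` Both event handlers start and end outside the hunks, so a provider check may exist out of view.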
diff --git a/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs index fd906f1..e9e74d3 100644 --- a/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs +++ b/src/DotNetOpenAuth.Core/Properties/AssemblyInfo.cs 
@@ -60,6 +60,7 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.Consumer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.ServiceProvider, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2, 
PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] @@ -80,6 +81,7 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.Consumer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.ServiceProvider")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.AuthorizationServer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2.ResourceServer")] diff --git a/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj b/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj index 2478187..cb4aea3 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj +++ b/src/DotNetOpenAuth.OAuth.Consumer/DotNetOpenAuth.OAuth.Consumer.csproj 
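Review bot: The `InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth")` entry added in hunk `@@ -80,6 +81,7 @@` grants friend access by simple name only, with no `PublicKey`, so in builds that compile that list any assembly carrying this name can reach Core's internals. That matches the neighbouring entries, but each new friend widens the set that has to be audited. A short comment next to the two new lines would make the grant reviewable later, for example `// OpenIdOAuth: needs Core's internal error/contract helpers for the OpenID+OAuth hybrid classes.` (which internals are actually used is inferred from the code moved in this commit and should be confirmed). The same pair of additions appears in `src/DotNetOpenAuth.OAuth/Properties/AssemblyInfo.cs`.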
@@ -39,10 +39,6 @@ <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project> <Name>DotNetOpenAuth.OAuth</Name> </ProjectReference> - <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> - <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> - <Name>DotNetOpenAuth.OpenId</Name> - </ProjectReference> </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> diff --git a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs index a550e15..d599598 100644 --- a/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs +++ b/src/DotNetOpenAuth.OAuth.Consumer/OAuth/WebConsumer.cs @@ -12,8 +12,6 @@ namespace DotNetOpenAuth.OAuth { using DotNetOpenAuth.Messaging; using DotNetOpenAuth.OAuth.ChannelElements; using DotNetOpenAuth.OAuth.Messages; - using DotNetOpenAuth.OpenId.Extensions.OAuth; - using DotNetOpenAuth.OpenId.RelyingParty; /// <summary> /// A website or application that uses OAuth to access the Service Provider on behalf of the User. 
@@ -74,67 +72,6 @@ namespace DotNetOpenAuth.OAuth { } /// <summary> - /// Attaches an OAuth authorization request to an outgoing OpenID authentication request. - /// </summary> - /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param> - /// <param name="scope">The scope of access that is requested of the service provider.</param> - public void AttachAuthorizationRequest(IAuthenticationRequest openIdAuthenticationRequest, string scope) { - Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); - - var authorizationRequest = new AuthorizationRequest { - Consumer = this.ConsumerKey, - Scope = scope, - }; - - openIdAuthenticationRequest.AddExtension(authorizationRequest); - } - - /// <summary> - /// Processes an incoming authorization-granted message from an SP and obtains an access token. - /// </summary> - /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param> - /// <returns> - /// The access token, or null if OAuth authorization was denied by the user or service provider. - /// </returns> - /// <remarks> - /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>. - /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>. - /// </remarks> - public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) { - Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse"); - Requires.ValidState(this.TokenManager is IOpenIdOAuthTokenManager); - var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager; - ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); - - // The OAuth extension is only expected in positive assertion responses. 
- if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) { - return null; - } - - // Retrieve the OAuth extension - var positiveAuthorization = openIdAuthenticationResponse.GetExtension<AuthorizationApprovedResponse>(); - if (positiveAuthorization == null) { - return null; - } - - // Prepare a message to exchange the request token for an access token. - // We are careful to use a v1.0 message version so that the oauth_verifier is not required. - var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, Protocol.V10.Version) { - RequestToken = positiveAuthorization.RequestToken, - ConsumerKey = this.ConsumerKey, - }; - - // Retrieve the access token and store it in the token manager. - openidTokenManager.StoreOpenIdAuthorizedRequestToken(this.ConsumerKey, positiveAuthorization); - var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess); - this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, positiveAuthorization.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret); - - // Provide the caller with the access token so it may be associated with the user - // that is logging in. - return grantAccess; - } - - /// <summary> /// Processes an incoming authorization-granted message from an SP and obtains an access token. /// </summary> /// <param name="request">The incoming HTTP request.</param> diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/DotNetOpenAuth.OAuth.ServiceProvider.csproj b/src/DotNetOpenAuth.OAuth.ServiceProvider/DotNetOpenAuth.OAuth.ServiceProvider.csproj index 4e99b4a..526b20b 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/DotNetOpenAuth.OAuth.ServiceProvider.csproj +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/DotNetOpenAuth.OAuth.ServiceProvider.csproj 
@@ -46,10 +46,6 @@ <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project> <Name>DotNetOpenAuth.OAuth</Name> </ProjectReference> - <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> - <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> - <Name>DotNetOpenAuth.OpenId</Name> - </ProjectReference> </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> diff --git a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs index 1338d87..06c3dca 100644 --- a/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs +++ b/src/DotNetOpenAuth.OAuth.ServiceProvider/OAuth/ServiceProvider.cs @@ -19,10 +19,6 @@ namespace DotNetOpenAuth.OAuth { using DotNetOpenAuth.Messaging.Bindings; using DotNetOpenAuth.OAuth.ChannelElements; using DotNetOpenAuth.OAuth.Messages; - using DotNetOpenAuth.OpenId; - using DotNetOpenAuth.OpenId.Extensions.OAuth; - using DotNetOpenAuth.OpenId.Messages; - using DotNetOpenAuth.OpenId.Provider; /// <summary> /// A web application that allows access via OAuth. 
@@ -293,88 +289,6 @@ namespace DotNetOpenAuth.OAuth { } /// <summary> - /// Gets the OAuth authorization request included with an OpenID authentication - /// request, if there is one. - /// </summary> - /// <param name="openIdRequest">The OpenID authentication request.</param> - /// <returns> - /// The scope of access the relying party is requesting, or null if no OAuth request - /// is present. - /// </returns> - /// <remarks> - /// <para>Call this method rather than simply extracting the OAuth extension - /// out from the authentication request directly to ensure that the additional - /// security measures that are required are taken.</para> - /// </remarks> - public AuthorizationRequest ReadAuthorizationRequest(IHostProcessedRequest openIdRequest) { - Requires.NotNull(openIdRequest, "openIdRequest"); - Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager); - var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; - ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName); - - var authzRequest = openIdRequest.GetExtension<AuthorizationRequest>(); - if (authzRequest == null) { - return null; - } - - // OpenID+OAuth spec section 9: - // The Combined Provider SHOULD verify that the consumer key passed in the - // request is authorized to be used for the realm passed in the request. - string expectedConsumerKey = openidTokenManager.GetConsumerKey(openIdRequest.Realm); - ErrorUtilities.VerifyProtocol( - string.Equals(expectedConsumerKey, authzRequest.Consumer, StringComparison.Ordinal), - OAuthStrings.OpenIdOAuthRealmConsumerKeyDoNotMatch); - - return authzRequest; - } - - /// <summary> - /// Attaches the authorization response to an OpenID authentication response. 
- /// </summary> - /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param> - /// <param name="consumerKey">The consumer key. Must be <c>null</c> if and only if <paramref name="scope"/> is null.</param> - /// <param name="scope">The approved access scope. Use <c>null</c> to indicate no access was granted. The empty string will be interpreted as some default level of access is granted.</param> - [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "We want to take IAuthenticationRequest because that's the only supported use case.")] - [Obsolete("Call the overload that doesn't take a consumerKey instead.")] - public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string consumerKey, string scope) { - Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); - Requires.True((consumerKey == null) == (scope == null), null); - Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager); - var openidTokenManager = (ICombinedOpenIdProviderTokenManager)this.TokenManager; - ErrorUtilities.VerifyArgument(consumerKey == null || consumerKey == openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm), OAuthStrings.OpenIdOAuthRealmConsumerKeyDoNotMatch); - - this.AttachAuthorizationResponse(openIdAuthenticationRequest, scope); - } - - /// <summary> - /// Attaches the authorization response to an OpenID authentication response. - /// </summary> - /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param> - /// <param name="scope">The approved access scope. Use <c>null</c> to indicate no access was granted. 
The empty string will be interpreted as some default level of access is granted.</param> - [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "We want to take IAuthenticationRequest because that's the only supported use case.")] - public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string scope) { - Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest"); - Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager); - - var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager; - IOpenIdMessageExtension response; - if (scope != null) { - // Generate an authorized request token to return to the relying party. - string consumerKey = openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm); - var approvedResponse = new AuthorizationApprovedResponse { - RequestToken = this.TokenGenerator.GenerateRequestToken(consumerKey), - Scope = scope, - }; - openidTokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, approvedResponse); - response = approvedResponse; - } else { - response = new AuthorizationDeclinedResponse(); - } - - openIdAuthenticationRequest.AddResponseExtension(response); - } - - /// <summary> /// Prepares the message to send back to the consumer following proper authorization of /// a token by an interactive user at the Service Provider's web site. /// </summary> diff --git a/src/DotNetOpenAuth.OAuth/DotNetOpenAuth.OAuth.csproj b/src/DotNetOpenAuth.OAuth/DotNetOpenAuth.OAuth.csproj index 20d6643..1720648 100644 --- a/src/DotNetOpenAuth.OAuth/DotNetOpenAuth.OAuth.csproj +++ b/src/DotNetOpenAuth.OAuth/DotNetOpenAuth.OAuth.csproj 
@@ -25,8 +25,6 @@ <Compile Include="Configuration\OAuthServiceProviderSecuritySettingsElement.cs" /> <Compile Include="Messaging\ITamperProtectionChannelBindingElement.cs" /> <Compile Include="OAuthReporting.cs" /> - <Compile Include="OAuth\ChannelElements\ICombinedOpenIdProviderTokenManager.cs" /> - <Compile Include="OAuth\ChannelElements\IOpenIdOAuthTokenManager.cs" /> <Compile Include="OAuth\ChannelElements\ITokenManager.cs" /> <Compile Include="OAuth\ChannelElements\OAuthHttpMethodBindingElement.cs" /> <Compile Include="OAuth\ChannelElements\PlaintextSigningBindingElement.cs" /> @@ -83,10 +81,6 @@ <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project> <Name>DotNetOpenAuth.Core</Name> </ProjectReference> - <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj"> - <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project> - <Name>DotNetOpenAuth.OpenId</Name> - </ProjectReference> </ItemGroup> <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" /> <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" /> diff --git a/src/DotNetOpenAuth.OAuth/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OAuth/Properties/AssemblyInfo.cs index 9b2c47a..cbc1307 100644 --- a/src/DotNetOpenAuth.OAuth/Properties/AssemblyInfo.cs +++ b/src/DotNetOpenAuth.OAuth/Properties/AssemblyInfo.cs 
@@ -51,12 +51,14 @@ using System.Web.UI; [assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.Consumer, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.ServiceProvider, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2, 
PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")] [assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")] #else [assembly: InternalsVisibleTo("DotNetOpenAuth.Test")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.Consumer")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth.ServiceProvider")] +[assembly: InternalsVisibleTo("DotNetOpenAuth.OpenIdOAuth")] [assembly: InternalsVisibleTo("DotNetOpenAuth.OAuth2")] [assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")] #endif diff --git a/src/DotNetOpenAuth.OpenIdOAuth/DotNetOpenAuth.OpenIdOAuth.csproj b/src/DotNetOpenAuth.OpenIdOAuth/DotNetOpenAuth.OpenIdOAuth.csproj new file mode 100644 index 0000000..009eaf1 --- /dev/null +++ b/src/DotNetOpenAuth.OpenIdOAuth/DotNetOpenAuth.OpenIdOAuth.csproj 
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+ <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))\EnlistmentInfo.props" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.props))' != '' " />
+ <PropertyGroup>
+ <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
+ <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
+ </PropertyGroup>
+ <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.props" />
+ <PropertyGroup>
+ <SchemaVersion>2.0</SchemaVersion>
+ <ProjectGuid>{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}</ProjectGuid>
+ <OutputType>Library</OutputType>
+ <AppDesignerFolder>Properties</AppDesignerFolder>
+ <RootNamespace>DotNetOpenAuth</RootNamespace>
+ <AssemblyName>DotNetOpenAuth.OpenIdOAuth</AssemblyName>
+ </PropertyGroup>
+ <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.Product.props" />
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
+ </PropertyGroup>
+ <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
+ </PropertyGroup>
+ <ItemGroup>
+ <Compile Include="OAuth\ChannelElements\ICombinedOpenIdProviderTokenManager.cs" />
+ <Compile Include="OAuth\ChannelElements\IOpenIdOAuthTokenManager.cs" />
+ <Compile Include="OAuth\ServiceProviderOpenIdProvider.cs" />
+ <Compile Include="OAuth\WebConsumerOpenIdRelyingParty.cs" />
+ <Compile Include="Properties\AssemblyInfo.cs" />
+ </ItemGroup>
+ <ItemGroup>
+ <ProjectReference Include="..\DotNetOpenAuth.Core\DotNetOpenAuth.Core.csproj">
+ <Project>{60426312-6AE5-4835-8667-37EDEA670222}</Project>
+ <Name>DotNetOpenAuth.Core</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\DotNetOpenAuth.OAuth.Consumer\DotNetOpenAuth.OAuth.Consumer.csproj">
+ <Project>{B202E40D-4663-4A2B-ACDA-865F88FF7CAA}</Project>
+ <Name>DotNetOpenAuth.OAuth.Consumer</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\DotNetOpenAuth.OAuth.ServiceProvider\DotNetOpenAuth.OAuth.ServiceProvider.csproj">
+ <Project>{FED1923A-6D70-49B5-A37A-FB744FEC1C86}</Project>
+ <Name>DotNetOpenAuth.OAuth.ServiceProvider</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\DotNetOpenAuth.OAuth\DotNetOpenAuth.OAuth.csproj">
+ <Project>{A288FCC8-6FCF-46DA-A45E-5F9281556361}</Project>
+ <Name>DotNetOpenAuth.OAuth</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\DotNetOpenAuth.OpenId\DotNetOpenAuth.OpenId.csproj">
+ <Project>{3896A32A-E876-4C23-B9B8-78E17D134CD3}</Project>
+ <Name>DotNetOpenAuth.OpenId</Name>
+ </ProjectReference>
+ <ProjectReference Include="..\Org.Mentalis.Security.Cryptography\Org.Mentalis.Security.Cryptography.csproj">
+ <Project>{26DC877F-5987-48DD-9DDB-E62F2DE0E150}</Project>
+ <Name>Org.Mentalis.Security.Cryptography</Name>
+ </ProjectReference>
+ </ItemGroup>
+ <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+ <Import Project="$(ProjectRoot)tools\DotNetOpenAuth.targets" />
+ <Import Project="$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))\EnlistmentInfo.targets" Condition=" '$([MSBuild]::GetDirectoryNameOfFileAbove($(MSBuildProjectDirectory), EnlistmentInfo.targets))' != '' " />
+</Project>
\ No newline at end of file
diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/ICombinedOpenIdProviderTokenManager.cs b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ChannelElements/ICombinedOpenIdProviderTokenManager.cs
index d6a7e93..d6a7e93 100644
--- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/ICombinedOpenIdProviderTokenManager.cs
+++ b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ChannelElements/ICombinedOpenIdProviderTokenManager.cs
diff --git a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/IOpenIdOAuthTokenManager.cs b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ChannelElements/IOpenIdOAuthTokenManager.cs
index 3f3c1d9..3f3c1d9 100644
--- a/src/DotNetOpenAuth.OAuth/OAuth/ChannelElements/IOpenIdOAuthTokenManager.cs
+++ b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ChannelElements/IOpenIdOAuthTokenManager.cs
diff --git a/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ServiceProviderOpenIdProvider.cs b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ServiceProviderOpenIdProvider.cs
new file mode 100644
index 0000000..b590a90
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/ServiceProviderOpenIdProvider.cs
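Review bot: The `Org.Mentalis.Security.Cryptography` project reference at the end of the new `DotNetOpenAuth.OpenIdOAuth.csproj` does not look necessary for the five files the project compiles, because the methods this commit moves out of `WebConsumer` and `ServiceProvider` use no cryptographic types directly. The two new class files are not fully visible here, so this needs confirming, but if nothing in the assembly uses it the reference should be dropped so the hybrid assembly carries only the dependencies it needs. The project also references both `DotNetOpenAuth.OAuth.Consumer` and `DotNetOpenAuth.OAuth.ServiceProvider`, which means a relying-party-only site that wants `WebConsumerOpenIdRelyingParty` deploys the service-provider assembly as well. If that coupling is intended, a one-line XML comment above the `ProjectReference` group saying so would help.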
@@ -0,0 +1,161 @@
+//-----------------------------------------------------------------------
+// <copyright file="ServiceProviderOpenIdProvider.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth {
+ using System;
+ using System.Collections.Generic;
+ using System.ComponentModel;
+ using System.Diagnostics.CodeAnalysis;
+ using System.Diagnostics.Contracts;
+ using System.Globalization;
+ using System.Security.Principal;
+ using System.ServiceModel.Channels;
+ using System.Web;
+ using DotNetOpenAuth.Configuration;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.Messaging.Bindings;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+ using DotNetOpenAuth.OAuth.Messages;
+ using DotNetOpenAuth.OpenId;
+ using DotNetOpenAuth.OpenId.Extensions.OAuth;
+ using DotNetOpenAuth.OpenId.Messages;
+ using DotNetOpenAuth.OpenId.Provider;
+
+ /// <summary>
+ /// A web application that allows access via OAuth and can respond to OpenID+OAuth requests.
+ /// </summary>
+ /// <remarks>
+ /// <para>The Service Provider’s documentation should include:</para>
+ /// <list>
+ /// <item>The URLs (Request URLs) the Consumer will use when making OAuth requests, and the HTTP methods (i.e. GET, POST, etc.) used in the Request Token URL and Access Token URL.</item>
+ /// <item>Signature methods supported by the Service Provider.</item>
+ /// <item>Any additional request parameters that the Service Provider requires in order to obtain a Token. Service Provider specific parameters MUST NOT begin with oauth_.</item>
+ /// </list>
+ /// </remarks>
+ public class ServiceProviderOpenIdProvider : ServiceProvider {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
+ /// </summary>
+ /// <param name="serviceDescription">The endpoints and behavior on the Service Provider.</param>
+ /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
+ public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager)
+ : base(serviceDescription, tokenManager) {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
+ /// </summary>
+ /// <param name="serviceDescription">The service description.</param>
+ /// <param name="tokenManager">The token manager.</param>
+ /// <param name="messageTypeProvider">The message type provider.</param>
+ public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, OAuthServiceProviderMessageFactory messageTypeProvider)
+ : base(serviceDescription, tokenManager, messageTypeProvider) {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
+ /// </summary>
+ /// <param name="serviceDescription">The service description.</param>
+ /// <param name="tokenManager">The token manager.</param>
+ /// <param name="nonceStore">The nonce store.</param>
+ public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore)
+ : base(serviceDescription, tokenManager, nonceStore) {
+ }
+
+ /// <summary>
+ /// Initializes a new instance of the <see cref="ServiceProviderOpenIdProvider"/> class.
+ /// </summary>
+ /// <param name="serviceDescription">The service description.</param>
+ /// <param name="tokenManager">The token manager.</param>
+ /// <param name="nonceStore">The nonce store.</param>
+ /// <param name="messageTypeProvider">The message type provider.</param>
+ public ServiceProviderOpenIdProvider(ServiceProviderDescription serviceDescription, IServiceProviderTokenManager tokenManager, INonceStore nonceStore, OAuthServiceProviderMessageFactory messageTypeProvider)
+ : base(serviceDescription, tokenManager, nonceStore, messageTypeProvider) {
+ }
+
+ /// <summary>
+ /// Gets the OAuth authorization request included with an OpenID authentication
+ /// request, if there is one.
+ /// </summary>
+ /// <param name="openIdRequest">The OpenID authentication request.</param>
+ /// <returns>
+ /// The scope of access the relying party is requesting, or null if no OAuth request
+ /// is present.
+ /// </returns>
+ /// <remarks>
+ /// <para>Call this method rather than simply extracting the OAuth extension
+ /// out from the authentication request directly to ensure that the additional
+ /// security measures that are required are taken.</para>
+ /// </remarks>
+ public AuthorizationRequest ReadAuthorizationRequest(IHostProcessedRequest openIdRequest) {
+ Requires.NotNull(openIdRequest, "openIdRequest");
+ Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager);
+ var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager;
+ ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName);
+
+ var authzRequest = openIdRequest.GetExtension<AuthorizationRequest>();
+ if (authzRequest == null) {
+ return null;
+ }
+
+ // OpenID+OAuth spec section 9:
+ // The Combined Provider SHOULD verify that the consumer key passed in the
+ // request is authorized to be used for the realm passed in the request.
+ string expectedConsumerKey = openidTokenManager.GetConsumerKey(openIdRequest.Realm);
+ ErrorUtilities.VerifyProtocol(
+ string.Equals(expectedConsumerKey, authzRequest.Consumer, StringComparison.Ordinal),
+ OAuthStrings.OpenIdOAuthRealmConsumerKeyDoNotMatch);
+
+ return authzRequest;
+ }
+
+ /// <summary>
+ /// Attaches the authorization response to an OpenID authentication response.
+ /// </summary>
+ /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param>
+ /// <param name="consumerKey">The consumer key. Must be <c>null</c> if and only if <paramref name="scope"/> is null.</param>
+ /// <param name="scope">The approved access scope. Use <c>null</c> to indicate no access was granted. The empty string will be interpreted as some default level of access is granted.</param>
+ [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "We want to take IAuthenticationRequest because that's the only supported use case.")]
+ [Obsolete("Call the overload that doesn't take a consumerKey instead.")]
+ public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string consumerKey, string scope) {
+ Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest");
+ Requires.True((consumerKey == null) == (scope == null), null);
+ Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager);
+ var openidTokenManager = (ICombinedOpenIdProviderTokenManager)this.TokenManager;
+ ErrorUtilities.VerifyArgument(consumerKey == null || consumerKey == openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm), OAuthStrings.OpenIdOAuthRealmConsumerKeyDoNotMatch);
+
+ this.AttachAuthorizationResponse(openIdAuthenticationRequest, scope);
+ }
+
+ /// <summary>
+ /// Attaches the authorization response to an OpenID authentication response.
+ /// </summary>
+ /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param>
+ /// <param name="scope">The approved access scope. Use <c>null</c> to indicate no access was granted. The empty string will be interpreted as some default level of access is granted.</param>
+ [SuppressMessage("Microsoft.Design", "CA1011:ConsiderPassingBaseTypesAsParameters", Justification = "We want to take IAuthenticationRequest because that's the only supported use case.")]
+ public void AttachAuthorizationResponse(IHostProcessedRequest openIdAuthenticationRequest, string scope) {
+ Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest");
+ Requires.ValidState(this.TokenManager is ICombinedOpenIdProviderTokenManager);
+
+ var openidTokenManager = this.TokenManager as ICombinedOpenIdProviderTokenManager;
+ IOpenIdMessageExtension response;
+ if (scope != null) {
+ // Generate an authorized request token to return to the relying party.
+ string consumerKey = openidTokenManager.GetConsumerKey(openIdAuthenticationRequest.Realm);
+ var approvedResponse = new AuthorizationApprovedResponse {
+ RequestToken = this.TokenGenerator.GenerateRequestToken(consumerKey),
+ Scope = scope,
+ };
+ openidTokenManager.StoreOpenIdAuthorizedRequestToken(consumerKey, approvedResponse);
+ response = approvedResponse;
+ } else {
+ response = new AuthorizationDeclinedResponse();
+ }
+
+ openIdAuthenticationRequest.AddResponseExtension(response);
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs
new file mode 100644
index 0000000..0d1a602
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenIdOAuth/OAuth/WebConsumerOpenIdRelyingParty.cs
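Review bot: In `ServiceProviderOpenIdProvider.ReadAuthorizationRequest`, the realm check `string.Equals(expectedConsumerKey, authzRequest.Consumer, StringComparison.Ordinal)` is also true when both values are null, so the OpenID+OAuth section 9 binding would pass for a realm with no registered consumer key whenever the request carries no key. Whether `GetConsumerKey` can return null for an unknown realm is not visible in this commit, so this is a hardening step rather than a confirmed hole: make the condition `expectedConsumerKey != null && string.Equals(expectedConsumerKey, authzRequest.Consumer, StringComparison.Ordinal)`. `AttachAuthorizationResponse(openIdAuthenticationRequest, scope)` hands the same lookup result straight to `GenerateRequestToken` and would benefit from the same null check. Separately, the `VerifyOperation` message in `ReadAuthorizationRequest` names `typeof(IOpenIdOAuthTokenManager)` although the interface actually required there is `ICombinedOpenIdProviderTokenManager`, which will misdirect whoever hits that error.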
@@ -0,0 +1,97 @@
+//-----------------------------------------------------------------------
+// <copyright file="WebConsumerOpenIdRelyingParty.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+namespace DotNetOpenAuth.OAuth {
+ using System;
+ using System.Collections.Generic;
+ using System.Linq;
+ using System.Text;
+ using DotNetOpenAuth.Messaging;
+ using DotNetOpenAuth.OAuth.ChannelElements;
+ using DotNetOpenAuth.OAuth.Messages;
+ using DotNetOpenAuth.OpenId.Extensions.OAuth;
+ using DotNetOpenAuth.OpenId.RelyingParty;
+
+ /// <summary>
+ /// A website or application that uses OAuth to access the Service Provider on behalf of the User
+ /// and can attach OAuth requests to outbound OpenID authentication requests.
+ /// </summary>
+ /// <remarks>
+ /// The methods on this class are thread-safe. Provided the properties are set and not changed
+ /// afterward, a single instance of this class may be used by an entire web application safely.
+ /// </remarks>
+ public class WebConsumerOpenIdRelyingParty : WebConsumer {
+ /// <summary>
+ /// Initializes a new instance of the <see cref="WebConsumerOpenIdRelyingParty"/> class.
+ /// </summary>
+ /// <param name="serviceDescription">The endpoints and behavior of the Service Provider.</param>
+ /// <param name="tokenManager">The host's method of storing and recalling tokens and secrets.</param>
+ public WebConsumerOpenIdRelyingParty(ServiceProviderDescription serviceDescription, IConsumerTokenManager tokenManager)
+ : base(serviceDescription, tokenManager) {
+ }
+
+ /// <summary>
+ /// Attaches an OAuth authorization request to an outgoing OpenID authentication request.
+ /// </summary>
+ /// <param name="openIdAuthenticationRequest">The OpenID authentication request.</param>
+ /// <param name="scope">The scope of access that is requested of the service provider.</param>
+ public void AttachAuthorizationRequest(IAuthenticationRequest openIdAuthenticationRequest, string scope) {
+ Requires.NotNull(openIdAuthenticationRequest, "openIdAuthenticationRequest");
+
+ var authorizationRequest = new AuthorizationRequest {
+ Consumer = this.ConsumerKey,
+ Scope = scope,
+ };
+
+ openIdAuthenticationRequest.AddExtension(authorizationRequest);
+ }
+
+ /// <summary>
+ /// Processes an incoming authorization-granted message from an SP and obtains an access token.
+ /// </summary>
+ /// <param name="openIdAuthenticationResponse">The OpenID authentication response that may be carrying an authorized request token.</param>
+ /// <returns>
+ /// The access token, or null if OAuth authorization was denied by the user or service provider.
+ /// </returns>
+ /// <remarks>
+ /// The access token, if granted, is automatically stored in the <see cref="ConsumerBase.TokenManager"/>.
+ /// The token manager instance must implement <see cref="IOpenIdOAuthTokenManager"/>.
+ /// </remarks>
+ public AuthorizedTokenResponse ProcessUserAuthorization(IAuthenticationResponse openIdAuthenticationResponse) {
+ Requires.NotNull(openIdAuthenticationResponse, "openIdAuthenticationResponse");
+ Requires.ValidState(this.TokenManager is IOpenIdOAuthTokenManager);
+ var openidTokenManager = this.TokenManager as IOpenIdOAuthTokenManager;
+ ErrorUtilities.VerifyOperation(openidTokenManager != null, OAuthStrings.OpenIdOAuthExtensionRequiresSpecialTokenManagerInterface, typeof(IOpenIdOAuthTokenManager).FullName);
+
+ // The OAuth extension is only expected in positive assertion responses.
+ if (openIdAuthenticationResponse.Status != AuthenticationStatus.Authenticated) {
+ return null;
+ }
+
+ // Retrieve the OAuth extension
+ var positiveAuthorization = openIdAuthenticationResponse.GetExtension<AuthorizationApprovedResponse>();
+ if (positiveAuthorization == null) {
+ return null;
+ }
+
+ // Prepare a message to exchange the request token for an access token.
+ // We are careful to use a v1.0 message version so that the oauth_verifier is not required.
+ var requestAccess = new AuthorizedTokenRequest(this.ServiceProvider.AccessTokenEndpoint, Protocol.V10.Version) {
+ RequestToken = positiveAuthorization.RequestToken,
+ ConsumerKey = this.ConsumerKey,
+ };
+
+ // Retrieve the access token and store it in the token manager.
+ openidTokenManager.StoreOpenIdAuthorizedRequestToken(this.ConsumerKey, positiveAuthorization);
+ var grantAccess = this.Channel.Request<AuthorizedTokenResponse>(requestAccess);
+ this.TokenManager.ExpireRequestTokenAndStoreNewAccessToken(this.ConsumerKey, positiveAuthorization.RequestToken, grantAccess.AccessToken, grantAccess.TokenSecret);
+
+ // Provide the caller with the access token so it may be associated with the user
+ // that is logging in.
+ return grantAccess;
+ }
+ }
+}
diff --git a/src/DotNetOpenAuth.OpenIdOAuth/Properties/AssemblyInfo.cs b/src/DotNetOpenAuth.OpenIdOAuth/Properties/AssemblyInfo.cs
new file mode 100644
index 0000000..08c3ec2
--- /dev/null
+++ b/src/DotNetOpenAuth.OpenIdOAuth/Properties/AssemblyInfo.cs
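Review bot: The comment above `new AuthorizedTokenRequest(..., Protocol.V10.Version)` in `WebConsumerOpenIdRelyingParty.ProcessUserAuthorization` says the v1.0 message version is used so that oauth_verifier is not required, but it does not say why that is acceptable, and the verifier is the OAuth 1.0a safeguard against request-token fixation. The justification appears to be that the request token is delivered inside the OpenID positive assertion rather than through a browser redirect the consumer started, which holds only while the extension is read from the provider-signed part of the response. I would record that next to the call, for example `// No oauth_verifier exists in the OpenID+OAuth flow; the request token is trusted only because GetExtension returned it from an authenticated assertion.` and add a second line warning against replacing `GetExtension` with `GetUntrustedExtension` here.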
@@ -0,0 +1,53 @@
+//-----------------------------------------------------------------------
+// <copyright file="AssemblyInfo.cs" company="Outercurve Foundation">
+// Copyright (c) Outercurve Foundation. All rights reserved.
+// </copyright>
+//-----------------------------------------------------------------------
+
+// We DON'T put an AssemblyVersionAttribute in here because it is generated in the build.
+
+using System;
+using System.Diagnostics.Contracts;
+using System.Net;
+using System.Reflection;
+using System.Resources;
+using System.Runtime.CompilerServices;
+using System.Runtime.InteropServices;
+using System.Security;
+using System.Security.Permissions;
+using System.Web.UI;
+
+// General Information about an assembly is controlled through the following
+// set of attributes. Change these attribute values to modify the information
+// associated with an assembly.
+[assembly: AssemblyTitle("DotNetOpenAuth")]
+[assembly: AssemblyDescription("")]
+[assembly: AssemblyConfiguration("")]
+[assembly: AssemblyCompany("")]
+[assembly: AssemblyProduct("DotNetOpenAuth")]
+[assembly: AssemblyCopyright("Copyright © 2011 Outercurve Foundation")]
+[assembly: AssemblyTrademark("")]
+[assembly: AssemblyCulture("")]
+[assembly: NeutralResourcesLanguage("en-US")]
+[assembly: CLSCompliant(true)]
+
+// Setting ComVisible to false makes the types in this assembly not visible
+// to COM components. If you need to access a type in this assembly from
+// COM, set the ComVisible attribute to true on that type.
+[assembly: ComVisible(false)]
+
+// The following GUID is for the ID of the typelib if this project is exposed to COM
+[assembly: Guid("F9AFC069-8291-497F-B2A1-3E4D1646C572")]
+[assembly: ContractVerification(true)]
+
+#if StrongNameSigned
+// See comment at top of this file. We need this so that strong-naming doesn't
+// keep this assembly from being useful to shared host (medium trust) web sites.
+[assembly: AllowPartiallyTrustedCallers]
+
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test, PublicKey=0024000004800000940000000602000000240000525341310004000001000100AD093C3765257C89A7010E853F2C7C741FF92FA8ACE06D7B8254702CAD5CF99104447F63AB05F8BB6F51CE0D81C8C93D2FCE8C20AAFF7042E721CBA16EAAE98778611DED11C0ABC8900DC5667F99B50A9DADEC24DBD8F2C91E3E8AD300EF64F1B4B9536CEB16FB440AF939F57624A9B486F867807C649AE4830EAB88C6C03998")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2, PublicKey=0024000004800000940000000602000000240000525341310004000001000100c547cac37abd99c8db225ef2f6c8a3602f3b3606cc9891605d02baa56104f4cfc0734aa39b93bf7852f7d9266654753cc297e7d2edfe0bac1cdcf9f717241550e0a7b191195b7667bb4f64bcb8e2121380fd1d9d46ad2d92d2d15605093924cceaf74c4861eff62abf69b9291ed0a340e113be11e6a7d3113e92484cf7045cc7")]
+#else
+[assembly: InternalsVisibleTo("DotNetOpenAuth.Test")]
+[assembly: InternalsVisibleTo("DynamicProxyGenAssembly2")]
+#endif
diff --git a/src/DotNetOpenAuth.sln b/src/DotNetOpenAuth.sln
index 2f664cc..89ce037 100644
--- a/src/DotNetOpenAuth.sln
+++ b/src/DotNetOpenAuth.sln
@@ -209,6 +209,8 @@ Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OAuthConsumer", "..\samples
 EndProject
 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "OAuthServiceProvider", "..\samples\OAuthServiceProvider\OAuthServiceProvider.csproj", "{CAA2408C-6918-4902-A512-58BCD62216C3}"
 EndProject
+Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "DotNetOpenAuth.OpenIdOAuth", "DotNetOpenAuth.OpenIdOAuth\DotNetOpenAuth.OpenIdOAuth.csproj", "{4BFAA336-5DF3-4F27-82D3-06D13240E8AB}"
+EndProject
 Global
 GlobalSection(SolutionConfigurationPlatforms) = preSolution
 CodeAnalysis|Any CPU = CodeAnalysis|Any CPU
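Review bot: The comment inside `#if StrongNameSigned` in AssemblyInfo.cs says "See comment at top of this file", but the only comment at the top is about AssemblyVersionAttribute, so nothing in the file actually explains `[assembly: AllowPartiallyTrustedCallers]`. Because that attribute opens the assembly's public surface to partially trusted code, and this assembly issues and exchanges OAuth tokens, I would make the comment self-contained, e.g. `// APTCA lets medium-trust hosts call this strong-named assembly; public members must remain safe for partially trusted callers.` Also, `AssemblyTitle("DotNetOpenAuth")` looks carried over from another project; `AssemblyTitle("DotNetOpenAuth.OpenIdOAuth")` would identify this assembly.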
@@ -552,6 +554,14 @@ Global
 {CAA2408C-6918-4902-A512-58BCD62216C3}.Release|Any CPU.Build.0 = Release|Any CPU
 {CAA2408C-6918-4902-A512-58BCD62216C3}.ReleaseNoUI|Any CPU.ActiveCfg = Release|Any CPU
 {CAA2408C-6918-4902-A512-58BCD62216C3}.ReleaseNoUI|Any CPU.Build.0 = Release|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.ActiveCfg = CodeAnalysis|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.CodeAnalysis|Any CPU.Build.0 = CodeAnalysis|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Debug|Any CPU.Build.0 = Debug|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.ActiveCfg = Release|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.Release|Any CPU.Build.0 = Release|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.ReleaseNoUI|Any CPU.ActiveCfg = Release|Any CPU
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB}.ReleaseNoUI|Any CPU.Build.0 = Release|Any CPU
 EndGlobalSection
 GlobalSection(SolutionProperties) = preSolution
 HideSolutionNode = FALSE
@@ -607,6 +617,7 @@ Global
 {A1A3150A-7B0E-4A34-8E35-045296CD3C76} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC}
 {ADC2CC8C-541E-4F86-ACB1-DD504A36FA4B} = {238B6BA8-AD99-43C9-B8E2-D2BCE6CE04DC}
 {3A8347E8-59A5-4092-8842-95C75D7D2F36} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27}
+ {4BFAA336-5DF3-4F27-82D3-06D13240E8AB} = {57A7DD35-666C-4FA3-9A1B-38961E50CA27}
 {2BF1FFD1-607E-40D0-8AB5-EDA677EF932D} = {2DA24D4F-6918-43CF-973C-BC9D818F8E90}
 {CAA2408C-6918-4902-A512-58BCD62216C3} = {2DA24D4F-6918-43CF-973C-BC9D818F8E90}
 EndGlobalSection
diff --git a/tools/DotNetOpenAuth.props b/tools/DotNetOpenAuth.props
index 1455d68..9f7b18d 100644
--- a/tools/DotNetOpenAuth.props
+++ b/tools/DotNetOpenAuth.props
@@ -71,6 +71,7 @@
 DotNetOpenAuth.InfoCard;
 DotNetOpenAuth.InfoCard.UI;
 DotNetOpenAuth.OpenIdInfoCard.UI;
+ DotNetOpenAuth.OpenIdOAuth;
 " />
 <ProductProjectNames Include="
 DotNetOpenAuth.OAuth2; |